Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/12eaad-8a45-4789-bab5-726057a1f2a4/1/GW1Klv22yNsE5MYPV75xnmhGv3A.roa
File: GW1Klv22yNsE5MYPV75xnmhGv3A.roa (raw, json)
Hash identifier: rIJpTjsiYMjtG6CQDpmbKG45pPqHe8TdfekwwQNTL+I=
Subject key identifier: 19:6D:4A:96:FD:B6:C8:DB:04:E4:C6:0F:57:BE:71:9E:68:46:BF:70
Certificate issuer: /CN=1c06a82bb115d7393e39fd58b73bbf20f6cd0b1f
Certificate serial: 01941FFA09D37B52F8055829395387480691
Authority key identifier: 1C:06:A8:2B:B1:15:D7:39:3E:39:FD:58:B7:3B:BF:20:F6:CD:0B:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HAaoK7EV1zk-Of1Ytzu_IPbNCx8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/12eaad-8a45-4789-bab5-726057a1f2a4/1/GW1Klv22yNsE5MYPV75xnmhGv3A.roa
Signing time: Wed 01 Jan 2025 03:47:47 +0000
ROA not before: Wed 01 Jan 2025 03:47:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199614
IP address blocks: 185.138.234.0/24 maxlen: 24
185.138.235.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/12eaad-8a45-4789-bab5-726057a1f2a4/1/HAaoK7EV1zk-Of1Ytzu_IPbNCx8.crl
rsync://rpki.ripe.net/repository/DEFAULT/9c/12eaad-8a45-4789-bab5-726057a1f2a4/1/HAaoK7EV1zk-Of1Ytzu_IPbNCx8.mft
rsync://rpki.ripe.net/repository/DEFAULT/HAaoK7EV1zk-Of1Ytzu_IPbNCx8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 09:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:09:d3:7b:52:f8:05:58:29:39:53:87:48:06:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c06a82bb115d7393e39fd58b73bbf20f6cd0b1f
Validity
Not Before: Jan 1 03:47:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=196d4a96fdb6c8db04e4c60f57be719e6846bf70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:c4:ee:b6:4b:f2:10:9c:5b:f4:e4:72:4c:a7:
7c:81:06:83:3b:81:83:77:a7:bf:6f:4e:c9:e9:4f:
3a:b7:f0:ec:ea:2a:5e:8d:eb:bb:34:cc:db:76:07:
2b:55:cf:c9:ae:a1:3b:4a:de:fe:93:09:0d:d9:ba:
2d:76:21:53:b6:78:b0:d0:14:41:92:d4:65:b2:3f:
95:00:a3:3f:d5:1d:bc:ac:ca:0f:d0:83:97:d3:06:
71:51:7f:43:0c:63:01:5f:11:33:be:5f:83:43:76:
3e:4a:73:2b:e0:f8:0d:b0:36:4c:8b:e8:6f:7b:64:
74:aa:d4:d1:5c:2c:5e:18:1d:0c:5a:28:33:68:4a:
e2:84:60:15:b6:c7:2b:28:24:cb:cd:e6:c5:42:6b:
42:13:14:95:23:e0:40:cd:5b:b3:4c:48:ea:81:2a:
1e:dc:7a:b9:2e:9d:e2:c1:0f:52:bf:e9:b6:06:fa:
d0:a6:d6:3a:f1:49:32:aa:ab:2e:e3:a5:a5:07:a9:
c0:c3:b7:ed:bb:d3:8a:8f:2a:69:ed:96:73:1e:7e:
27:c6:c7:65:3d:cd:cb:68:e6:db:61:e5:ab:bd:a9:
4b:ea:14:0b:62:06:21:4c:c0:f0:bb:07:45:20:b7:
9a:b8:fa:98:b7:de:4b:f8:9c:20:74:76:8a:00:79:
73:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:6D:4A:96:FD:B6:C8:DB:04:E4:C6:0F:57:BE:71:9E:68:46:BF:70
X509v3 Authority Key Identifier:
keyid:1C:06:A8:2B:B1:15:D7:39:3E:39:FD:58:B7:3B:BF:20:F6:CD:0B:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HAaoK7EV1zk-Of1Ytzu_IPbNCx8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/12eaad-8a45-4789-bab5-726057a1f2a4/1/GW1Klv22yNsE5MYPV75xnmhGv3A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/12eaad-8a45-4789-bab5-726057a1f2a4/1/HAaoK7EV1zk-Of1Ytzu_IPbNCx8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.138.234.0/23
Signature Algorithm: sha256WithRSAEncryption
36:e4:10:e9:ed:52:c6:02:00:2f:7b:b0:26:1c:07:79:d7:26:
32:7b:a4:40:1f:d0:57:fa:88:71:30:7d:56:23:9b:5d:20:4e:
b2:5e:eb:8b:22:b5:71:31:c0:3c:d8:7a:e1:e8:08:50:3d:09:
ff:04:ff:2c:aa:16:7f:67:dc:a4:45:b8:47:f3:ef:5a:78:c2:
e8:4e:b3:02:03:ac:d0:f2:90:2b:2c:28:c0:f2:39:83:c5:37:
a0:15:bd:0b:e9:22:eb:90:da:1b:5b:5a:64:ba:2e:d9:25:a8:
96:2b:96:62:ed:61:24:87:f1:be:e3:f4:ee:e1:7c:7b:65:94:
64:6d:03:97:60:31:a7:5f:cd:d0:c3:2a:82:ff:61:48:56:db:
16:82:ac:b1:58:96:91:2c:e1:8a:07:a1:26:4d:7a:85:b5:58:
7b:c9:ef:e7:bf:3e:29:27:42:dc:64:b2:89:79:dd:e7:f0:b5:
84:13:5e:67:b5:85:6a:99:12:ad:fb:62:35:23:25:97:4e:0d:
cd:86:eb:ea:bf:38:c6:c3:bf:b4:bd:85:6c:77:a7:82:d1:ed:
79:4f:3d:6b:ea:e2:43:74:09:c2:2b:0c:63:6a:db:b8:a6:21:
52:df:d5:6f:aa:be:2a:84:3e:50:bc:e9:4b:9e:5a:45:c7:05:
83:e5:a5:5c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+gnTe1L4BVgpOVOHSAaRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMDZhODJiYjExNWQ3MzkzZTM5ZmQ1OGI3M2JiZjIwZjZj
ZDBiMWYwHhcNMjUwMTAxMDM0NzQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTZkNGE5NmZkYjZjOGRiMDRlNGM2MGY1N2JlNzE5ZTY4NDZiZjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzcTutkvyEJxb9ORyTKd8gQaDO4GD
d6e/b07J6U86t/Ds6ipejeu7NMzbdgcrVc/JrqE7St7+kwkN2botdiFTtniw0BRB
ktRlsj+VAKM/1R28rMoP0IOX0wZxUX9DDGMBXxEzvl+DQ3Y+SnMr4PgNsDZMi+hv
e2R0qtTRXCxeGB0MWigzaErihGAVtscrKCTLzebFQmtCExSVI+BAzVuzTEjqgSoe
3Hq5Lp3iwQ9Sv+m2BvrQptY68Ukyqqsu46WlB6nAw7ftu9OKjypp7ZZzHn4nxsdl
Pc3LaObbYeWrvalL6hQLYgYhTMDwuwdFILeauPqYt95L+JwgdHaKAHlzywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBltSpb9tsjbBOTGD1e+cZ5oRr9wMB8GA1UdIwQY
MBaAFBwGqCuxFdc5Pjn9WLc7vyD2zQsfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEFhb0s3RVYxemstT2YxWXR6dV9JUGJOQ3g4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy8xMmVhYWQtOGE0NS00Nzg5LWJhYjUt
NzI2MDU3YTFmMmE0LzEvR1cxS2x2MjJ5TnNFNU1ZUFY3NXhubWhHdjNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy8xMmVhYWQtOGE0NS00Nzg5LWJhYjUtNzI2MDU3YTFmMmE0
LzEvSEFhb0s3RVYxemstT2YxWXR6dV9JUGJOQ3g4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuYrqMA0G
CSqGSIb3DQEBCwUAA4IBAQA25BDp7VLGAgAve7AmHAd51yYye6RAH9BX+ohxMH1W
I5tdIE6yXuuLIrVxMcA82Hrh6AhQPQn/BP8sqhZ/Z9ykRbhH8+9aeMLoTrMCA6zQ
8pArLCjA8jmDxTegFb0L6SLrkNobW1pkui7ZJaiWK5Zi7WEkh/G+4/Tu4Xx7ZZRk
bQOXYDGnX83QwyqC/2FIVtsWgqyxWJaRLOGKB6EmTXqFtVh7ye/nvz4pJ0LcZLKJ
ed3n8LWEE15ntYVqmRKt+2I1IyWXTg3NhuvqvzjGw7+0vYVsd6eC0e15Tz1r6uJD
dAnCKwxjatu4piFS39Vvqr4qhD5QvOlLnlpFxwWD5aVc
-----END CERTIFICATE-----
Generated at Wed Feb 5 19:09:40 2025 by rpki-client